vendor/symfony/security-http/Firewall/SimplePreAuthenticationListener.php line 35

Open in your IDE?
  1. <?php
  3. /*
  4.  * This file is part of the Symfony package.
  5.  *
  6.  * (c) Fabien Potencier <fabien@symfony.com>
  7.  *
  8.  * For the full copyright and license information, please view the LICENSE
  9.  * file that was distributed with this source code.
  10.  */
  12. namespace Symfony\Component\Security\Http\Firewall;
  14. use Psr\Log\LoggerInterface;
  15. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  16. use Symfony\Component\EventDispatcher\LegacyEventDispatcherProxy;
  17. use Symfony\Component\HttpFoundation\Request;
  18. use Symfony\Component\HttpFoundation\Response;
  19. use Symfony\Component\HttpKernel\Event\RequestEvent;
  20. use Symfony\Component\Security\Core\Authentication\AuthenticationManagerInterface;
  21. use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolver;
  22. use Symfony\Component\Security\Core\Authentication\AuthenticationTrustResolverInterface;
  23. use Symfony\Component\Security\Core\Authentication\Token\AnonymousToken;
  24. use Symfony\Component\Security\Core\Authentication\Token\RememberMeToken;
  25. use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
  26. use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
  27. use Symfony\Component\Security\Core\Exception\AuthenticationException;
  28. use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
  29. use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
  30. use Symfony\Component\Security\Http\Authentication\SimplePreAuthenticatorInterface;
  31. use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
  32. use Symfony\Component\Security\Http\SecurityEvents;
  33. use Symfony\Component\Security\Http\Session\SessionAuthenticationStrategyInterface;
  35. @trigger_error(sprintf('The "%s" class is deprecated since Symfony 4.2, use Guard instead.'SimplePreAuthenticationListener::class), E_USER_DEPRECATED);
  37. /**
  38.  * SimplePreAuthenticationListener implements simple proxying to an authenticator.
  39.  *
  40.  * @author Jordi Boggiano <j.boggiano@seld.be>
  41.  *
  42.  * @deprecated since Symfony 4.2, use Guard instead.
  43.  */
  44. class SimplePreAuthenticationListener implements ListenerInterface
  45. {
  46.     use LegacyListenerTrait;
  48.     private $tokenStorage;
  49.     private $authenticationManager;
  50.     private $providerKey;
  51.     private $simpleAuthenticator;
  52.     private $logger;
  53.     private $dispatcher;
  54.     private $sessionStrategy;
  55.     private $trustResolver;
  57.     public function __construct(TokenStorageInterface $tokenStorageAuthenticationManagerInterface $authenticationManagerstring $providerKeySimplePreAuthenticatorInterface $simpleAuthenticatorLoggerInterface $logger nullEventDispatcherInterface $dispatcher nullAuthenticationTrustResolverInterface $trustResolver null)
  58.     {
  59.         if (empty($providerKey)) {
  60.             throw new \InvalidArgumentException('$providerKey must not be empty.');
  61.         }
  63.         $this->tokenStorage $tokenStorage;
  64.         $this->authenticationManager $authenticationManager;
  65.         $this->providerKey $providerKey;
  66.         $this->simpleAuthenticator $simpleAuthenticator;
  67.         $this->logger $logger;
  69.         if (null !== $dispatcher && class_exists(LegacyEventDispatcherProxy::class)) {
  70.             $this->dispatcher LegacyEventDispatcherProxy::decorate($dispatcher);
  71.         } else {
  72.             $this->dispatcher $dispatcher;
  73.         }
  75.         $this->trustResolver $trustResolver ?: new AuthenticationTrustResolver(AnonymousToken::class, RememberMeToken::class);
  76.     }
  78.     /**
  79.      * Call this method if your authentication token is stored to a session.
  80.      *
  81.      * @final
  82.      */
  83.     public function setSessionAuthenticationStrategy(SessionAuthenticationStrategyInterface $sessionStrategy)
  84.     {
  85.         $this->sessionStrategy $sessionStrategy;
  86.     }
  88.     /**
  89.      * Handles basic authentication.
  90.      */
  91.     public function __invoke(RequestEvent $event)
  92.     {
  93.         $request $event->getRequest();
  95.         if (null !== $this->logger) {
  96.             $this->logger->info('Attempting SimplePreAuthentication.', ['key' => $this->providerKey'authenticator' => \get_class($this->simpleAuthenticator)]);
  97.         }
  99.         if ((null !== $token $this->tokenStorage->getToken()) && !$this->trustResolver->isAnonymous($token)) {
  100.             return;
  101.         }
  103.         try {
  104.             $token $this->simpleAuthenticator->createToken($request$this->providerKey);
  106.             // allow null to be returned to skip authentication
  107.             if (null === $token) {
  108.                 return;
  109.             }
  111.             $token $this->authenticationManager->authenticate($token);
  113.             $this->migrateSession($request$token);
  115.             $this->tokenStorage->setToken($token);
  117.             if (null !== $this->dispatcher) {
  118.                 $loginEvent = new InteractiveLoginEvent($request$token);
  119.                 $this->dispatcher->dispatch($loginEventSecurityEvents::INTERACTIVE_LOGIN);
  120.             }
  121.         } catch (AuthenticationException $e) {
  122.             $this->tokenStorage->setToken(null);
  124.             if (null !== $this->logger) {
  125.                 $this->logger->info('SimplePreAuthentication request failed.', ['exception' => $e'authenticator' => \get_class($this->simpleAuthenticator)]);
  126.             }
  128.             if ($this->simpleAuthenticator instanceof AuthenticationFailureHandlerInterface) {
  129.                 $response $this->simpleAuthenticator->onAuthenticationFailure($request$e);
  130.                 if ($response instanceof Response) {
  131.                     $event->setResponse($response);
  132.                 } elseif (null !== $response) {
  133.                     throw new \UnexpectedValueException(sprintf('The %s::onAuthenticationFailure method must return null or a Response object', \get_class($this->simpleAuthenticator)));
  134.                 }
  135.             }
  137.             return;
  138.         }
  140.         if ($this->simpleAuthenticator instanceof AuthenticationSuccessHandlerInterface) {
  141.             $response $this->simpleAuthenticator->onAuthenticationSuccess($request$token);
  142.             if ($response instanceof Response) {
  143.                 $event->setResponse($response);
  144.             } elseif (null !== $response) {
  145.                 throw new \UnexpectedValueException(sprintf('The %s::onAuthenticationSuccess method must return null or a Response object', \get_class($this->simpleAuthenticator)));
  146.             }
  147.         }
  148.     }
  150.     private function migrateSession(Request $requestTokenInterface $token)
  151.     {
  152.         if (!$this->sessionStrategy || !$request->hasSession() || !$request->hasPreviousSession()) {
  153.             return;
  154.         }
  156.         $this->sessionStrategy->onAuthentication($request$token);
  157.     }
  158. }